成功更改电子邮件后重定向用户

时间:2019-12-14 作者:fmarkovic

I set up a front end form for logged in users to update their email address. So far it is working however I want the user, after confirming the email change via link sent to the new address, to be redirected to a custom front-end page.(after the change done in /wp-admin/edit-profile.php).

Thus the user never seeing the backend user profile page.

Here is the code for the form

<form action="<?php the_permalink(); ?>" method="post">
<div class="form-group">
<label for="e-mail">E-mail</label>
<input type="email" class="form-control" value="<?php echo esc_html($current_user->user_email); ?>" name="email" id="email">
<small class="form-text text-muted">If you change this we will send you an email at your new address to confirm it. <strong>The new address will not become active until confirmed.</strong></small>
</div>
<button class="btn btn-primary" type="submit">Change E-mail</button>
</form>

and the form processing

    if (isset( $_POST[\'email\'])) {



// check if user is really updating the value
if ($user_email != $_POST[\'email\']) {       
    // check if email is free to use
    if (email_exists( $_POST[\'email\'] )){
        // email already taken
        echo \'That e-mail address is not available.\';
        exit();
    } else {
        $_POST[\'user_id\'] = $current_user->ID;
        send_confirmation_on_profile_email();
        echo \'User update email ink sent to new email for verification.\';
    }   
}else{
//same email
echo \'The email you entered is the same as your current email.\';
}




}

This is the default code in edit-profile.php that handles the email change. Could I add a redirect here somewhere after email change. Is that a good idea?

    // Execute confirmed email change. See send_confirmation_on_profile_email().
if ( IS_PROFILE_PAGE && isset( $_GET[\'newuseremail\'] ) && $current_user->ID ) {
    $new_email = get_user_meta( $current_user->ID, \'_new_email\', true );
    if ( $new_email && hash_equals( $new_email[\'hash\'], $_GET[\'newuseremail\'] ) ) {
        $user             = new stdClass;
        $user->ID         = $current_user->ID;
        $user->user_email = esc_html( trim( $new_email[\'newemail\'] ) );
        if ( is_multisite() && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) ) {
            $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
        }
        wp_update_user( $user );
        delete_user_meta( $current_user->ID, \'_new_email\' );
        wp_redirect( add_query_arg( array( \'updated\' => \'true\' ), self_admin_url( \'profile.php\' ) ) );
        die();
    } else {
        wp_redirect( add_query_arg( array( \'error\' => \'new-email\' ), self_admin_url( \'profile.php\' ) ) );
    }
} elseif ( IS_PROFILE_PAGE && ! empty( $_GET[\'dismiss\'] ) && $current_user->ID . \'_new_email\' === $_GET[\'dismiss\'] ) {
    check_admin_referer( \'dismiss-\' . $current_user->ID . \'_new_email\' );
    delete_user_meta( $current_user->ID, \'_new_email\' );
    wp_redirect( add_query_arg( array( \'updated\' => \'true\' ), self_admin_url( \'profile.php\' ) ) );
    die();
}

1 个回复
SO网友:butlerblog

在将标题发送到下游之前,需要对表单进行处理。否则,如果您在加载正文时执行此操作(现在的方式),则在成功更改电子邮件后重定向将导致错误。

很多人会使用init 为此采取的行动;但就我个人而言,我喜欢template_redirect 将窗体处理挂接到。它来得晚一点,然后$post 如果需要任何数据,则加载对象。

以下是我的做法:

add_action( \'template_redirect\', \'my_user_email_update\' );
function my_user_email_update() {

    global $error;

    $error = false;

    if ( is_user_logged_in() && isset( $_POST[\'email\'] ) ) {

        // ALWAYS sanitize untrusted input!
        $new_email = sanitize_email( $_POST[\'email\'] );

        // Get the user info for validating that the email is changing
        $user = wp_get_current_user();

        // check if user is really updating the value
        if ( $user->user_email != $new_email ) {

            // Is the new email actually an email address?
            if ( ! is_email( $new_email ) ) {
                $error = \'Please input a valid email address.\';
            }

            // check if email is free to use
            if ( email_exists( $new_email ) ) {
                // email already taken
                $error = \'That e-mail address is not available.\';

            } else {

                $_POST[\'user_id\'] = $current_user->ID; // This doesn\'t make sense.

                $success = wp_update_user( array( \'ID\'=>$user->ID, \'user_email\'=>$new_email ) );

                send_confirmation_on_profile_email();

                // You could redirect here and pass a query string to indicate successful update
            }   
        } else {
            //same email
            $error = \'The email you entered is the same as your current email.\';
        }
    }
}
需要注意的一些事项:

始终清理输入。而不是检索$_POST[\'email\'] 每次,将其放入变量中并对其进行清理。然后在变量中始终使用经过清理的结果

  • 使用验证email_exists() 这很好。您还应该验证发布的值实际上是一封有效的电子邮件is_email().$_POST[\'user_id\'] = $current_user->ID 用于。这些都没有意义,所以我不确定这句话的用意是什么global $error 任何错误结果都会加载到该变量中。我将其初始化为false 因此,您可以在表单的区域中检查它,如果它不是false,则显示结果

    • 标签: users   redirect   front-end   email-verification   小码农  

    相关推荐

    Order users by user role

    我在团队页面中显示的用户配置文件中有自定义字段。上面写着“主任”、“研究员”、“毕业生”、“实习生”等。添加新团队成员时,可以从带有选项的选择框中进行选择。现在,页面按创建日期顺序显示用户,但我需要按层次顺序显示他们(首先是所有董事,然后是研究人员,然后是毕业生,等等)。配置文件的新字段位于函数中。php,代码如下:<!-- ROLE --> <?php $role = get_user_meta($user->ID, \'member_role\', true)